Bug 488718 (encrypted_LVM)

Summary: Support for encrypted LVs in LVM2 & key management (tracker)
Product: Red Hat Enterprise Linux 6 Reporter: Milan Broz <mbroz>
Component: lvm2Assignee: Milan Broz <mbroz>
Status: CLOSED WONTFIX QA Contact: Corey Marthaler <cmarthal>
Severity: medium Docs Contact:
Priority: low    
Version: 6.0CC: agk, calestyo, dwysocha, heinzm, jbrassow, lvm-team, mbroz, myllynen, prockai, pvrabec, syeghiay
Target Milestone: rcKeywords: Tracking
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-04-03 16:21:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 457541, 458392, 464089, 488722    
Bug Blocks:    

Description Milan Broz 2009-03-05 13:32:37 UTC 
Tracking bug for RFE and all dependant bugs & FREs covering encrypted volume support in LVM2 and key management interface.

>  a) add support of crypto segment into libdevmapper
>
>  b) add support for lvm metadata (keystore, crypt segments)
> 
>  c) define key management interface + lvm internals
> 
>  d) write cyptsetup/LUKS backward compatible key management plugin
> 
>  e) provide low level key management tool (using key management plugins above)
> 
>  f) provide support for encrypted LVs in basic lvm tools
> 
>  g) support more complicated operations (pvmove, online reencryption)

See also patches https://www.redhat.com/archives/lvm-devel/2009-January/msg00082.html
Comment 1 RHEL Program Management 2009-06-15 20:59:37 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.
Comment 3 Milan Broz 2012-04-03 16:21:37 UTC 
I am closing this and will perhaps create a new tracker for volume encryption related bugs.

Integration with lvm2 will cause more problems than it solves, it would be better to have separate encryption layer and some mechanism how to manipulate better with device stack.

(From the kernel/performance point of view it is exactly the same - stacked device-mapper devices.)